Launchpad CVE tracker

CVE 2016-4429

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.

Related bugs and status

CVE-2016-4429 (Candidate) is related to these bugs:

Bug #1561621: mosh-server crashed with SIGSEGV in execute_helper()

		In	Importance	Status
1561621	mosh-server crashed with SIGSEGV in execute_helper()	mosh (Ubuntu)	Undecided	Fix Released
1561621	mosh-server crashed with SIGSEGV in execute_helper()	mosh (Debian)	Unknown	Fix Released
1561621	mosh-server crashed with SIGSEGV in execute_helper()	GLibC	Medium	Fix Released
1561621	mosh-server crashed with SIGSEGV in execute_helper()	glibc (Ubuntu)	Medium	Confirmed

Bug #1571456: id crashed with SIGSEGV in sock_eq()

		In	Importance	Status
1571456	id crashed with SIGSEGV in sock_eq()	glibc (Ubuntu)	High	Fix Released
1571456	id crashed with SIGSEGV in sock_eq()	GLibC	Unknown	Unknown
1571456	id crashed with SIGSEGV in sock_eq()	glibc (Fedora)	Undecided	Fix Released
1571456	id crashed with SIGSEGV in sock_eq()	glibc (Debian)	Unknown	Fix Released
1571456	id crashed with SIGSEGV in sock_eq()	glibc (Ubuntu Xenial)	High	Fix Released

Bug #1843403: [MIR] nfs-ganesha, ntirpc

Summary				In	Importance	Status
	1843403	[MIR] nfs-ganesha, ntirpc		nfs-ganesha (Ubuntu)	High	Fix Released
	1843403	[MIR] nfs-ganesha, ntirpc		ntirpc (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-4429

References